computersecuritynews – Page 54 – Explaining Security

Useful weblinks

ARIN – American registry for Internet Numbers

Whois database

SANS – (SysAdmin, Audit, Networking, Security) A private company teaching the ins and outs of security

DIG – an excellent utility to check DNS (Domain name service on the net at Kloth.net

Virustotal – An excellent online malware analysis tool (wondering if a file has malware? upload and check.

ISC – Internet Storm Center , a daily update on Security concerns on the net (run by SANS)

05/03/2014

More to come…

Cybersecurity Framework by NIST(National Institute of Standards and Technology)

NIST Cybersecurity framework pdf

The Framework Core consists of
five concurrent and continuous Functions—Identify, Protect, Detect, Respond, Recover.

This Framework is designed to protect critical infrastructure of the United States (utilities, police, fire, and other government functions)

Small business owners can learn some things as to what to do in the primary function of the framework: to Identify your risk and develop organizational understanding to handle this.

It seems that this framework is not very specific, and may be helpful to some companies which have not put the time into making Cybersecurity a priority.

New Internet Explorer vulnerability Microsoft confirms

This is considered client side vulnerability.

Where the user on their computer can click on a webpage or link using Flash and then the system will be compromised (a malware would kick off and the system will do the master program bidding).

this is a good reason why I use Chrome and firefox to reduce some exposure liability.

KrebsonSecurity has some more info.

Microsoft patch Tuesday is upon us this week (2nd Tue in month)

The Storm center announces patch Tuesday with a typical list of new vulnerabilities

And a big reminder – Windows XP will have its last update in April

But also Office 2003 will have its last update in April as well. So please update our operating systems and Office versions in case you have not yet.

(even to the old machine in the back that should just be retired.) It is not a good idea to reuse computers and not watch them. reusing a computer has too many risks.

New PHP software available – update soon

When PHP says new software is available: http://www.php.net/downloads.php

Then it is a good idea to perform the updates, as security enhancements are done for a reason.

You dont want to end up in the headlines.

Our more advanced service: Sigma (Σ) is the one to check if you have old software running